Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215542.roa
File: AS215542.roa (raw, json)
Hash identifier: JxzlhLhNa4KKC0nqHfFpKTDfyl3sPsu7eUVhNgyWlP0=
Subject key identifier: 89:A3:7C:ED:34:CB:85:B9:35:95:42:F2:4F:C8:B7:D7:C6:33:40:ED
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 22D11A61B3FF28D90A9574330B68941AADA8A699
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215542.roa
Signing time: Sat 10 Feb 2024 05:12:16 +0000
ROA not before: Sat 10 Feb 2024 05:07:16 +0000
ROA not after: Sat 08 Feb 2025 05:12:16 +0000
asID: 215542
IP address blocks: 2a13:df80:1c00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d1:1a:61:b3:ff:28:d9:0a:95:74:33:0b:68:94:1a:ad:a8:a6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Feb 10 05:07:16 2024 GMT
Not After : Feb 8 05:12:16 2025 GMT
Subject: CN=89A37CED34CB85B9359542F24FC8B7D7C63340ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:3d:1f:5a:43:73:46:17:0f:b8:bb:4d:22:
99:79:ca:45:3b:69:1d:db:40:9f:40:9b:79:cc:34:
6d:7a:3f:b9:da:1a:50:2d:50:a1:46:36:cf:dc:97:
4d:a0:19:b9:bb:b1:fd:47:5a:47:1a:2c:84:35:d9:
be:b0:13:8f:09:d4:c3:d4:e6:1f:34:9b:40:24:d4:
93:d0:0f:f3:22:bc:ea:53:da:57:5c:a6:90:8a:39:
24:08:ef:e4:72:1a:66:a5:40:2e:64:8e:3c:ad:f6:
26:2b:53:be:37:2a:17:f5:1c:a2:b2:19:d2:f0:b1:
bc:4c:53:fa:39:08:df:9c:b5:73:31:6b:2e:a9:cf:
43:5a:14:39:dd:5a:03:02:32:be:8c:75:82:8e:ba:
37:dc:ae:57:47:29:0d:9d:9f:84:16:a4:49:5d:32:
60:ad:e6:77:84:a7:8a:b6:85:1b:99:39:3a:e9:68:
e1:c6:ec:55:c8:41:66:28:fe:4e:ef:f4:06:2e:63:
b8:50:43:85:ed:89:3d:2b:37:ff:a5:d7:f2:d7:60:
6e:ef:16:da:70:7c:66:6d:22:ab:7b:54:da:19:4f:
79:5c:ed:4e:82:3f:06:ca:4c:e0:67:3b:83:0b:f5:
ca:08:eb:f7:db:30:bb:24:d2:cb:42:bc:05:b4:ca:
42:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A3:7C:ED:34:CB:85:B9:35:95:42:F2:4F:C8:B7:D7:C6:33:40:ED
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1c00::/40
Signature Algorithm: sha256WithRSAEncryption
4c:3e:5f:af:fc:c9:82:5f:2d:8a:2a:3d:3f:e1:c9:da:b6:5f:
fe:f1:60:67:ab:85:72:82:b6:98:5e:64:d7:3e:32:4c:df:72:
68:0a:ef:fa:1a:a5:c4:6b:d6:7f:e1:35:33:77:b2:aa:2f:b1:
3b:b3:4c:4f:2a:e6:81:a2:e9:f5:c3:06:35:fa:6a:8f:3e:92:
86:d8:7d:77:74:2c:01:5f:aa:43:08:d6:0b:bc:ae:42:04:c8:
b7:f8:35:8e:0e:cd:13:46:fa:53:76:a1:9b:8d:2a:21:0d:df:
d7:58:8a:d4:82:85:4a:c3:cf:c9:2c:c1:11:af:1c:28:fc:8e:
85:e0:af:19:f9:08:6c:6e:83:f9:97:b8:34:fb:c5:2e:00:d4:
10:87:4a:91:f1:1a:2c:f3:ce:36:e4:df:35:80:47:a3:ca:e9:
63:c1:e9:64:7c:f1:cc:8a:24:2e:b5:a0:d6:dc:ce:0d:3a:54:
39:58:0e:ec:18:5d:2c:0c:98:b2:b0:2b:fe:9d:e3:7a:ba:36:
e7:d9:4d:6d:73:da:e6:ba:6b:b9:64:1b:70:db:d6:3b:fe:88:
91:0a:fd:19:03:db:c1:5c:18:13:46:c0:d2:6a:63:e3:74:0f:
86:b2:6f:75:06:b9:ef:7e:cd:87:d6:b3:88:38:6d:34:a3:02:
ca:d0:be:ca
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUItEaYbP/KNkKlXQzC2iUGq2oppkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAyMTAwNTA3MTZaFw0yNTAyMDgwNTEyMTZaMDMxMTAvBgNV
BAMTKDg5QTM3Q0VEMzRDQjg1QjkzNTk1NDJGMjRGQzhCN0Q3QzYzMzQwRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAuz0fWkNzRhcPuLtNIpl5ykU7
aR3bQJ9Am3nMNG16P7naGlAtUKFGNs/cl02gGbm7sf1HWkcaLIQ12b6wE48J1MPU
5h80m0Ak1JPQD/MivOpT2ldcppCKOSQI7+RyGmalQC5kjjyt9iYrU743Khf1HKKy
GdLwsbxMU/o5CN+ctXMxay6pz0NaFDndWgMCMr6MdYKOujfcrldHKQ2dn4QWpEld
MmCt5neEp4q2hRuZOTrpaOHG7FXIQWYo/k7v9AYuY7hQQ4XtiT0rN/+l1/LXYG7v
FtpwfGZtIqt7VNoZT3lc7U6CPwbKTOBnO4ML9coI6/fbMLsk0stCvAW0ykJRAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUiaN87TTLhbk1lULyT8i318YzQO0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1NTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gBwwDQYJKoZIhvcNAQELBQADggEBAEw+X6/8yYJfLYoqPT/hydq2X/7xYGerhXKC
tpheZNc+MkzfcmgK7/oapcRr1n/hNTN3sqovsTuzTE8q5oGi6fXDBjX6ao8+kobY
fXd0LAFfqkMI1gu8rkIEyLf4NY4OzRNG+lN2oZuNKiEN39dYitSChUrDz8kswRGv
HCj8joXgrxn5CGxug/mXuDT7xS4A1BCHSpHxGizzzjbk3zWAR6PK6WPB6WR88cyK
JC61oNbczg06VDlYDuwYXSwMmLKwK/6d43q6NufZTW1z2ua6a7lkG3Db1jv+iJEK
/RkD28FcGBNGwNJqY+N0D4ayb3UGue9+zYfWs4g4bTSjAsrQvso=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org